<?
include('../includes/settings.php');
include('includes/db.class.php');
include('includes/function.php');
include("includes/image.class.php");
include('localization/localization.class.php');

session_start();

$db = new DB(DB_NAME, DB_SERVER, DB_USER, DB_PWD);
$db->charset(DB_CHARSET);

// Nawattapon
$urix = explode("/", $_SERVER['PHP_SELF'] );
$uri = end($urix);
// Nawattapon

//$uri = end(explode("/", $_SERVER['PHP_SELF'] )) // error : Strict Standards: Only variables should be passed by reference 

if(!isset($_SESSION['did_init'])){
  $_SESSION['did_init'] = true;
  $_SESSION['language'] = "th";
}

// set language
// error : Notice: Undefined index: lang
if(isset($_GET['lang'])){
  $lang = $_GET['lang'];

  if($lang != null)
    $_SESSION['language'] = $lang;
}


$local = new Localization($_SESSION['language']);
?>
<?
  //if($_POST['submit'] == 1) { // error : Notice: Undefined index: submit
  if(isset($_POST['submit'])) {

    if($_POST['password'] == "" || $_POST['username'] == "") {
      alert("ท่านไม่ได้กรอกชื่อผู้ใช้หรือรหัสผ่าน กรุณาลองอีกครั้ง");
    }else{

      $password = $db->queryUniqueValue("SELECT password FROM user WHERE level < 10 and username = '".$_POST['username']."' ");

      if ($_POST['password'] != $password) {
        alert("ชื่อผู้ใช้หรือรหัสผิดพลาด กรุณาลองอีกครั้ง");
      }else{
        $_SESSION['username'] = $_POST['username'];
        $_SESSION['admin'] = true;
        header("location: main/main.php");
      }
    }
  }
?>

<? include('header.php'); ?>

<div id = "login-panel">
  <div class = "center"><a href = "../"><img src = "images/logo.png" border = "0"></a></div>
  <form action = 'index.php' method = 'post'>
    <input type = "hidden" name = "submit" value = "1">
    <div class = "field"><label><? _l('username'); ?></label><input type = 'text' name = 'username' class = "input size1"></div>
    <div class = "field"><label><? _l('password'); ?></label><input type = 'password' name = 'password' class = "input size1"></div>
    <div class = "field"><label></label><input type = 'submit' value = '<? _l('login'); ?>' class = "btn"></div>
  </form>
</div>

<? include "footer.php" ?>